From ccbc1bac608dc386025c36e863872b1706f5b1ce Mon Sep 17 00:00:00 2001 From: Ruby Martin Date: Tue, 16 Jun 2026 16:19:55 -0600 Subject: [PATCH] free md5/sha before returning error --- src/internal.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/internal.c b/src/internal.c index ba1ff99467..f87d27f952 100644 --- a/src/internal.c +++ b/src/internal.c @@ -24468,6 +24468,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, /* in buffer */ ret |= wc_Md5Update(&md5, in, sz); if (ret != 0) { + wc_Md5Free(&md5); WOLFSSL_ERROR_VERBOSE(VERIFY_MAC_ERROR); return VERIFY_MAC_ERROR; } @@ -24479,6 +24480,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, } #endif if (ret != 0) { + wc_Md5Free(&md5); WOLFSSL_ERROR_VERBOSE(VERIFY_MAC_ERROR); return VERIFY_MAC_ERROR; } @@ -24488,6 +24490,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, ret |= wc_Md5Update(&md5, PAD2, padSz); ret |= wc_Md5Update(&md5, result, digestSz); if (ret != 0) { + wc_Md5Free(&md5); WOLFSSL_ERROR_VERBOSE(VERIFY_MAC_ERROR); return VERIFY_MAC_ERROR; } @@ -24499,6 +24502,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, } #endif if (ret != 0) { + wc_Md5Free(&md5); WOLFSSL_ERROR_VERBOSE(VERIFY_MAC_ERROR); return VERIFY_MAC_ERROR; } @@ -24518,6 +24522,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, /* in buffer */ ret |= wc_ShaUpdate(&sha, in, sz); if (ret != 0) { + wc_ShaFree(&sha); WOLFSSL_ERROR_VERBOSE(VERIFY_MAC_ERROR); return VERIFY_MAC_ERROR; } @@ -24529,6 +24534,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, } #endif if (ret != 0) { + wc_ShaFree(&sha); WOLFSSL_ERROR_VERBOSE(VERIFY_MAC_ERROR); return VERIFY_MAC_ERROR; } @@ -24538,6 +24544,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, ret |= wc_ShaUpdate(&sha, PAD2, padSz); ret |= wc_ShaUpdate(&sha, result, digestSz); if (ret != 0) { + wc_ShaFree(&sha); WOLFSSL_ERROR_VERBOSE(VERIFY_MAC_ERROR); return VERIFY_MAC_ERROR; } @@ -24549,6 +24556,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, } #endif if (ret != 0) { + wc_ShaFree(&sha); WOLFSSL_ERROR_VERBOSE(VERIFY_MAC_ERROR); return VERIFY_MAC_ERROR; }